DrGitnz Posted March 12, 2022 Share Posted March 12, 2022 Hello, So I've been having issues with my internet. First you should know that I live in a multi-family house with internet provided. I have the routers in my room. I have the Xfinity router which I connect to and also I have a linksys router for everyone else in the house. I am still very much learning all of this. I run wireshark from time to time when there seems to be a problem. And have to google most of it to figure it out. I ran a intense scan on the Xfinity router from nmap and returned this. Any help would be appreciated fingerprint-strings: | GetRequest: | HTTP/1.0 200 OK | Content-type: text/html | X-robots-tag: noindex,nofollow | X-Frame-Options: deny | X-XSS-Protection: 1; mode=block | X-Content-Type-Options: nosniff | Strict-Transport-Security: max-age=15768000; includeSubdomains | Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' 'unsafe-inline' 'unsafe-eval'; font-src 'self' 'unsafe-inline' 'unsafe-eval'; form-action 'self' 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self'; connect-src 'self'; object-src 'none'; media-src 'none'; script-nonce 'none'; plugin-types 'none'; reflected-xss 'none'; report-uri 'none'; | Content-Length: 9105 | Date: Fri, 11 Mar 2022 09:34:52 GMT | Server: Xfinity Broadband Router Server | Connection: close | <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.o | HTTPOptions: | HTTP/1.0 200 OK | Content-type: text/html | X-robots-tag: noindex,nofollow | X-Frame-Options: deny | X-XSS-Protection: 1; mode=block | X-Content-Type-Options: nosniff | Strict-Transport-Security: max-age=15768000; includeSubdomains | Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' 'unsafe-inline' 'unsafe-eval'; font-src 'self' 'unsafe-inline' 'unsafe-eval'; form-action 'self' 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self'; connect-src 'self'; object-src 'none'; media-src 'none'; script-nonce 'none'; plugin-types 'none'; reflected-xss 'none'; report-uri 'none'; | Content-Length: 9105 | Date: Fri, 11 Mar 2022 09:34:54 GMT | Server: Xfinity Broadband Router Server | Connection: close |_ <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.o | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-title: XFINITY |_http-server-header: Xfinity Broadband Router Server |_http-favicon: Unknown favicon MD5: 1939FBE51A7E908A3EEE495779E5FC3E 443/tcp open ssl/https Xfinity Broadband Router Server | ssl-cert: Subject: commonName=myrouter.io/organizationName=Comcast Corporation/stateOrProvinceName=Pennsylvania/countryName=US | Subject Alternative Name: DNS:myrouter.io | Issuer: commonName=COMODO RSA Organization Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2021-01-07T00:00:00 | Not valid after: 2022-01-07T23:59:59 | MD5: a9d9 fd3b 6f57 2ec4 9f4c e709 1380 ce88 |_SHA-1: 1eca 6fac 76a1 74a4 9a4d f6ce c0b8 d908 c645 acba | fingerprint-strings: | GetRequest: | HTTP/1.0 200 OK | Content-type: text/html | X-robots-tag: noindex,nofollow | X-Frame-Options: deny | X-XSS-Protection: 1; mode=block | X-Content-Type-Options: nosniff | Strict-Transport-Security: max-age=15768000; includeSubdomains | Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' 'unsafe-inline' 'unsafe-eval'; font-src 'self' 'unsafe-inline' 'unsafe-eval'; form-action 'self' 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self'; connect-src 'self'; object-src 'none'; media-src 'none'; script-nonce 'none'; plugin-types 'none'; reflected-xss 'none'; report-uri 'none'; | Content-Length: 9105 | Date: Fri, 11 Mar 2022 09:34:57 GMT | Server: Xfinity Broadband Router Server | Connection: close | <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.o | HTTPOptions: | HTTP/1.0 200 OK | Content-type: text/html | X-robots-tag: noindex,nofollow | X-Frame-Options: deny | X-XSS-Protection: 1; mode=block | X-Content-Type-Options: nosniff | Strict-Transport-Security: max-age=15768000; includeSubdomains | Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' 'unsafe-inline' 'unsafe-eval'; font-src 'self' 'unsafe-inline' 'unsafe-eval'; form-action 'self' 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self'; connect-src 'self'; object-src 'none'; media-src 'none'; script-nonce 'none'; plugin-types 'none'; reflected-xss 'none'; report-uri 'none'; | Content-Length: 9105 | Date: Fri, 11 Mar 2022 09:34:59 GMT | Server: Xfinity Broadband Router Server | Connection: close |_ <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.o |_ssl-date: TLS randomness does not represent time |_http-server-header: Xfinity Broadband Router Server Link to comment Share on other sites More sharing options...
dark_pyrro Posted March 12, 2022 Share Posted March 12, 2022 Don't just post stuff and suggest that you think you are attacked. Provide specific information on why you think you are attacked. What proof do you think you have that you classify as suspicious? Not just a bunch of text, but exactly what in that output says that you are under some form of attack? What issues do you experience that lead you to try to investigate it further? Link to comment Share on other sites More sharing options...
NoExecute Posted March 18, 2022 Share Posted March 18, 2022 So, let me guess. You have two routers, connected to each other, where you use on, and others run on the other router, and now you're having problems with unstable internet / lag / dropping connections ? And, you think you're under attack, and run a NMap scan on the router, aaaand comes up with the bable you posted.. There's nothing in there that suggest you're under attack. It's misconfigured internet on equipment not up for the task. Don't run two routers plugged into each other, unless you know what you're doing and can configure them properly, taking into account subnetting, IP-range, dns and so on. Get a Mikrotik router, to replace the two you have, configure each port as it's own seperate subnet, and configure firewalls and pinholes as needed, and you're done. Relax, you're likely NOT under attack 😉 Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.